private boolean isAuthenticatedUsingCerts(List<X509Certificate> certs) throws IOException, UnsupportedCallbackException { NameCallback nameHandler = new NameCallback("user:"); CertificateCallback certificateCallback = new CertificateCallback(); callbackHandler.handle(new Callback[] { nameHandler, certificateCallback }); X509Certificate[] certArray = certificateCallback.getCertificates(); if(certArray != null) { certs.addAll(Arrays.asList(certArray)); } return nameHandler.getName() == null && !certs.isEmpty(); }
@Override public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (Callback callback : callbacks) { if (callback instanceof CertificateCallback) { CertificateCallback certCallback = (CertificateCallback) callback; certCallback.setCertificates(new X509Certificate[]{cert}); } else { throw new UnsupportedCallbackException(callback); } } } };
/** * Overriding to allow for certificate-based login. Standard JAAS. */ @Override public boolean login() throws LoginException { Callback[] callbacks = new Callback[1]; callbacks[0] = new CertificateCallback(); try { callbackHandler.handle(callbacks); } catch (IOException ioe) { throw new LoginException(ioe.getMessage()); } catch (UnsupportedCallbackException uce) { throw new LoginException("Unable to obtain client certificates: " + uce.getMessage()); } certificates = ((CertificateCallback) callbacks[0]).getCertificates(); username = getUserNameForCertificates(certificates); if (username == null) { throw new FailedLoginException("No user for client certificate: " + getDistinguishedName(certificates)); } if (debug) { logger.debug("Certificate for user: " + username); } return true; }
CertificateCallback certCallback = (CertificateCallback) callback; certCallback.setCertificates(getCertsFromConnection(remotingConnection)); } else if (callback instanceof Krb5Callback) { Krb5Callback krb5Callback = (Krb5Callback) callback;